Implementing SailPoint IdentityIQ for a Quarterly SOX Certification at a Financial Services Company

Focal Point’s IAM services client is a globally recognized Fortune 500 business and financial services company, with more than 12,000 users across 41 countries. The U.S. based Financial Company offers credit rating services and financial analysis software and tools, and operates dozens of applications and critical systems for controlling information and communication within SOX compliance.

Challenges

The Financial Company lacked an IAM system with the capabilities to fully handle provisioning and de-provisioning. The Financial Company also managed user access and authorization through a maze of excessive, manual IT procedures, which steadily grew more congested with the around the clock demands from a legacy ticketing system, on/off-boarding, and service requests.

The Financial Company require a fully integrated IAM system that supported single sign-on (SSO) access and role-based privileging, user access recertification, continuous controls monitoring, and adequate testing of controls activity. With only two months before the next certification, it was vital that the Financial Company finished the eight-month project within the two-month timeframe, so they sought an experienced agile team that had no room for errors.

Solution

SailPoint IdentityIQ provided these powerful features:

Cloud-based user and password management, with single sign-on capabilities

Integration between IIQ and ServiceNOW for streamlined ticketing automation and actionable requests

Implementation

For the 8-weeks remaining before the SOX deadline, the Focal Point team scheduled an aggressive implementation and integration project. This project scoped the development, configuration, User Acceptance Testing (UAT), and documentation of roughly 40 applications and components, with integrations that ranged from executing system-wide user operations and data harvesting to adding certification frameworks and Out-of-the-Box (OOTB) connections.

The Financial Company chose Focal Point because of their industry knowledge and experience on agile projects, including their ability for:

Scoping and scheduling integrations processes with the “task triage” necessary for tight timelines

Continuing tasks with focused efficiency and adaptability, with constant integrations’ testing and tweaking throughout development and testing phases

Success and Continued Support

In addition to successfully integrating the SOX-applications by the Financial Company’s certification deadline, the Focal Point team also completed the implementation and integration of SailPoint IdentityIQ’s ServiceNOW ticketing tool, which allowed the Financial Company to free up a significant amount of resources and improve their overall customer service quality and response time. IIQ also offered the Financial Company an automated and streamlined IAM system upgrade, which improved both its identity governance and ongoing SOX certification procedures.

Stemming from the success of the SailPoint IdentityIQ implementation and positive experience when meeting high expectations under a tight timeline, the Financial Company has continued to partner with Focal Point on a number of subsequent security, risk management, and regulatory compliance initiatives.

Featured Service

Identity Governance

Companies are no longer looking to implement large-scale, on-premise solutions to cover their complex identity, access, and provisioning needs. Instead, most companies are opting to improve scalability and sustainability through a cloud-first approach, choosing to implement and integrate multiple solutions to cover different functions. Focal Point can guide you as you move off of legacy or homegrown systems and into modern solutions, driving successful strategies to help you implement and support a robust cloud ecosystem.

Featured Case Studies

Check out more stories about the exciting projects we've been working on.

Case Study

GDPR and CCPA Compliance Readiness Services

The Company initially partnered with Focal Point in October 2017 for GDPR readiness services, specifically to assess its IT systems to gain a better understanding of its current alignment with the GDPR.

Assessing and Ensuring GDPR Compliance for a Fortune 500 Cruise Line

Focal Point’s GDPR and global privacy services client is a recognized leader in the hospitality and travel leisure industry. The Company sought to align with both the GDPR and evolving privacy demands.